Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/hugttgFLts-nIuFWhjqlit2FxGs.roa
File: hugttgFLts-nIuFWhjqlit2FxGs.roa (raw, json)
Hash identifier: R9Mrbm+uQb6if+xzeSRKtR228iZyEfYSZzy2uPo1i5s=
Subject key identifier: 86:E8:2D:B6:01:4B:B6:CF:A7:22:E1:56:86:3A:A5:8A:DD:85:C4:6B
Certificate issuer: /CN=09ee7ee0f75b7164ac7596197c7f121d6fca1576
Certificate serial: 018A4125B3FE5A674279AB9490EBB8737A7F
Authority key identifier: 09:EE:7E:E0:F7:5B:71:64:AC:75:96:19:7C:7F:12:1D:6F:CA:15:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/hugttgFLts-nIuFWhjqlit2FxGs.roa
Signing time: Tue 29 Aug 2023 11:55:04 +0000
ROA not before: Tue 29 Aug 2023 11:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 216.245.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:25:b3:fe:5a:67:42:79:ab:94:90:eb:b8:73:7a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09ee7ee0f75b7164ac7596197c7f121d6fca1576
Validity
Not Before: Aug 29 11:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86e82db6014bb6cfa722e156863aa58add85c46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fd:a8:57:ad:2d:db:c0:6a:7a:26:b8:64:0a:
44:da:92:e2:c9:16:e3:94:b6:85:7a:a9:ac:f0:6e:
e0:85:08:23:cf:a3:dd:7a:6c:c8:3c:ec:f6:0e:f2:
0e:49:0f:85:bd:44:fc:e0:2a:9e:46:c5:77:57:26:
70:16:11:4e:e9:39:29:27:2f:53:07:90:df:78:b0:
43:c4:a7:70:e5:2f:2c:33:ba:83:5c:b9:65:96:e1:
04:c2:e3:ac:e4:60:51:22:bb:83:eb:20:ce:3d:be:
04:a9:18:65:aa:cb:9d:9f:27:44:a8:c7:a1:ed:2f:
ef:43:a7:ce:0d:46:72:68:d2:3c:ec:0e:26:21:24:
c2:25:a2:87:22:87:4c:8b:b5:bd:70:49:14:e7:72:
05:9e:20:91:6c:67:f4:5a:3c:5a:29:67:c9:f0:07:
9f:38:73:c1:1e:4d:c4:35:cb:27:41:1a:6f:1c:d9:
f5:1f:12:98:e2:a3:a5:43:c8:42:c1:0d:68:42:3b:
78:49:ec:52:96:13:e5:b8:43:02:03:91:80:7c:5e:
bf:b0:bd:b0:32:46:4f:ee:ec:54:8e:49:0e:04:65:
2b:79:e7:32:45:b9:97:01:4b:d2:bc:87:f9:32:71:
40:9f:f0:77:42:c7:ab:ad:c1:a5:62:ba:63:6c:12:
80:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E8:2D:B6:01:4B:B6:CF:A7:22:E1:56:86:3A:A5:8A:DD:85:C4:6B
X509v3 Authority Key Identifier:
keyid:09:EE:7E:E0:F7:5B:71:64:AC:75:96:19:7C:7F:12:1D:6F:CA:15:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/hugttgFLts-nIuFWhjqlit2FxGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.245.80.0/24
Signature Algorithm: sha256WithRSAEncryption
43:fe:7f:66:a2:b8:78:7d:7b:1c:e7:39:cf:03:ba:43:51:bc:
16:a1:f5:7e:07:fb:03:19:7b:18:3f:de:5b:62:3a:7f:9f:65:
74:1f:33:bf:51:c6:c5:3f:9c:5a:5a:ec:57:4f:b5:e1:e7:ee:
76:f3:78:23:90:f4:d3:ca:43:5e:74:07:70:5f:ab:de:86:57:
5c:12:5d:99:22:c6:85:1d:d1:2c:79:d7:1c:93:db:63:84:7e:
47:9f:6f:a7:8f:10:24:8f:54:2e:6e:1d:31:c8:08:84:55:b2:
c5:06:22:37:09:80:7b:28:0f:d8:ed:24:8d:0a:d0:bb:9e:f0:
2f:8d:5b:94:e4:b0:5d:01:a2:95:97:c6:9f:9f:1b:e8:c5:b3:
f1:05:92:d6:26:54:4a:ff:dd:d4:24:d1:27:41:70:33:66:ae:
99:2e:72:4f:3b:ee:9e:67:6b:2e:91:01:02:a7:ea:a1:32:e7:
bf:90:4d:a4:03:29:bc:b6:0a:0e:13:07:ec:08:9f:55:d9:04:
9c:b1:f2:c5:55:b8:1e:55:30:63:e7:4e:97:d2:6b:0d:10:f5:
a7:6d:17:86:a3:5f:42:5b:d3:52:90:5c:e4:85:7b:fa:87:54:
cf:00:91:dc:3a:ad:57:2f:8b:f2:2b:2b:16:d1:b9:ed:56:9a:
9f:2a:d2:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpBJbP+WmdCeauUkOu4c3p/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZWU3ZWUwZjc1YjcxNjRhYzc1OTYxOTdjN2YxMjFkNmZj
YTE1NzYwHhcNMjMwODI5MTE1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU4MmRiNjAxNGJiNmNmYTcyMmUxNTY4NjNhYTU4YWRkODVjNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP2oV60t28Bqeia4ZApE2pLiyRbj
lLaFeqms8G7ghQgjz6PdemzIPOz2DvIOSQ+FvUT84CqeRsV3VyZwFhFO6TkpJy9T
B5DfeLBDxKdw5S8sM7qDXLllluEEwuOs5GBRIruD6yDOPb4EqRhlqsudnydEqMeh
7S/vQ6fODUZyaNI87A4mISTCJaKHIodMi7W9cEkU53IFniCRbGf0WjxaKWfJ8Aef
OHPBHk3ENcsnQRpvHNn1HxKY4qOlQ8hCwQ1oQjt4SexSlhPluEMCA5GAfF6/sL2w
MkZP7uxUjkkOBGUreecyRbmXAUvSvIf5MnFAn/B3QserrcGlYrpjbBKAcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIboLbYBS7bPpyLhVoY6pYrdhcRrMB8GA1UdIwQY
MBaAFAnufuD3W3FkrHWWGXx/Eh1vyhV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2U1LTRQZGJjV1NzZFpZWmZIOFNIV19LRlhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kYmU1MGEtMmNhMS00MzYyLWI1ZTct
NjY4M2M4ZmM5ZTViLzEvaHVndHRnRkx0cy1uSXVGV2hqcWxpdDJGeEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kYmU1MGEtMmNhMS00MzYyLWI1ZTctNjY4M2M4ZmM5ZTVi
LzEvQ2U1LTRQZGJjV1NzZFpZWmZIOFNIV19LRlhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2PVQMA0G
CSqGSIb3DQEBCwUAA4IBAQBD/n9morh4fXsc5znPA7pDUbwWofV+B/sDGXsYP95b
Yjp/n2V0HzO/UcbFP5xaWuxXT7Xh5+5283gjkPTTykNedAdwX6vehldcEl2ZIsaF
HdEsedcck9tjhH5Hn2+njxAkj1Qubh0xyAiEVbLFBiI3CYB7KA/Y7SSNCtC7nvAv
jVuU5LBdAaKVl8afnxvoxbPxBZLWJlRK/93UJNEnQXAzZq6ZLnJPO+6eZ2sukQEC
p+qhMue/kE2kAym8tgoOEwfsCJ9V2QScsfLFVbgeVTBj506X0msNEPWnbReGo19C
W9NSkFzkhXv6h1TPAJHcOq1XL4vyKysW0bntVpqfKtKj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:19 2025 by rpki-client